Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/qJw7by4JTrc_DekZlJ1FGc6y5x4.roa
File:                     qJw7by4JTrc_DekZlJ1FGc6y5x4.roa (download)
Hash identifier:          X0NPQ6U5xHt8bU1EW88awwwq58jzcOtFP6HtpFm2Bz8=
Subject key identifier:   A8:9C:3B:6F:2E:09:4E:B7:3F:0D:E9:19:94:9D:45:19:CE:B2:E7:1E
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       17EC1BA6
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/qJw7by4JTrc_DekZlJ1FGc6y5x4.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     210405
IP address blocks:
    1: 185.223.164.0/24 maxlen: 32

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 401349542 (0x17ec1ba6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan  1 04:54:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a89c3b6f2e094eb73f0de919949d4519ceb2e71e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:0d:e6:61:c4:9b:91:c7:48:57:63:0d:0b:3e:
                    43:ef:a3:27:a2:a5:a6:d1:96:04:cf:1b:91:f1:60:
                    eb:7f:6c:63:d3:0d:30:00:79:60:48:a9:ae:6d:99:
                    98:fb:cb:cd:b3:3b:3f:55:61:b0:fa:3b:5b:f6:63:
                    86:ce:c0:35:31:f2:4e:58:3f:9d:73:f3:7b:e6:49:
                    6a:09:98:3d:d9:bf:b1:3d:2b:56:19:e9:28:82:64:
                    55:6b:bc:4f:55:cb:35:fd:5f:9c:a8:d8:ef:b3:a8:
                    95:f2:cc:f4:c3:45:25:70:de:f0:96:62:ec:9e:ba:
                    cb:d7:aa:b4:60:95:7e:e8:20:ca:2d:40:eb:45:2e:
                    32:ab:72:75:fd:71:28:56:1d:d6:36:e9:45:91:52:
                    ae:68:04:46:89:09:d0:b5:44:2f:9f:63:e5:0c:0d:
                    f0:32:72:b4:9a:c5:f5:e7:24:e6:02:7c:07:a7:0f:
                    5e:a5:e1:41:0f:e8:e1:fa:e4:99:42:3f:50:14:98:
                    94:df:39:d7:ba:e2:fc:a2:a8:26:07:9a:3a:77:d6:
                    7e:63:80:fb:fa:7c:aa:77:00:80:84:cb:cf:4f:f0:
                    cf:6b:a0:65:ec:1f:7d:a3:3b:f3:1b:22:d9:59:c2:
                    d9:3e:ce:54:63:02:96:6d:93:9b:e5:31:af:3a:88:
                    2f:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                A8:9C:3B:6F:2E:09:4E:B7:3F:0D:E9:19:94:9D:45:19:CE:B2:E7:1E
            X509v3 Authority Key Identifier: 
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/qJw7by4JTrc_DekZlJ1FGc6y5x4.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.223.164.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:01:74:e3:6c:13:dd:e0:71:21:28:fe:2e:45:b8:a6:71:bc:
         b9:74:19:18:37:9e:da:2f:5e:a3:3a:c7:6f:24:c8:26:ed:3f:
         fc:92:83:85:c4:b9:7b:b9:d7:f6:a6:40:70:82:5c:67:9c:03:
         0b:06:b1:c9:52:df:5c:9d:dd:09:d6:c3:68:96:1b:86:23:d4:
         f1:ab:df:0c:f3:1d:6d:85:ea:e8:0c:e4:7d:03:dd:05:57:1a:
         5d:8d:ba:15:ea:37:10:d3:84:cf:2d:42:af:26:cb:9e:83:25:
         c7:03:29:09:70:ee:3c:85:8d:e0:5e:b6:af:6d:66:93:9c:7d:
         38:15:7d:06:b6:5e:b3:65:a2:2c:72:19:78:09:bd:03:1a:a1:
         2c:49:d1:b7:dd:d4:68:2b:b3:72:ee:af:c6:1c:ac:41:40:05:
         c4:7f:e7:01:20:c8:11:db:b7:52:05:63:cd:30:25:39:36:dd:
         bd:7f:22:95:77:a5:30:08:4d:66:52:35:b2:0b:cf:2a:42:bc:
         a4:ac:12:29:77:e7:68:37:4d:dd:ff:d3:c8:71:e5:31:ee:68:
         2e:cb:f3:91:29:b4:e1:d3:b1:96:0e:c1:d5:be:82:02:90:8f:
         eb:49:46:78:52:44:20:6a:b9:7e:10:c5:e2:40:83:66:35:da:
         20:6d:35:88
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF+wbpjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDEw
MTA0NTQ0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTg5YzNiNmYyZTA5
NGViNzNmMGRlOTE5OTQ5ZDQ1MTljZWIyZTcxZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKEN5mHEm5HHSFdjDQs+Q++jJ6KlptGWBM8bkfFg639sY9MN
MAB5YEiprm2ZmPvLzbM7P1VhsPo7W/Zjhs7ANTHyTlg/nXPze+ZJagmYPdm/sT0r
VhnpKIJkVWu8T1XLNf1fnKjY77OolfLM9MNFJXDe8JZi7J66y9eqtGCVfuggyi1A
60UuMqtydf1xKFYd1jbpRZFSrmgERokJ0LVEL59j5QwN8DJytJrF9eck5gJ8B6cP
XqXhQQ/o4frkmUI/UBSYlN8517ri/KKoJgeaOnfWfmOA+/p8qncAgITLz0/wz2ug
ZewffaM78xsi2VnC2T7OVGMClm2Tm+UxrzqIL5ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSonDtvLglOtz8N6RmUnUUZzrLnHjAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L3FKdzdieTRKVHJjX0Rla1psSjFGR2M2eTV4NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnfpDANBgkqhkiG9w0BAQsFAAOC
AQEAjQF042wT3eBxISj+LkW4pnG8uXQZGDee2i9eozrHbyTIJu0//JKDhcS5e7nX
9qZAcIJcZ5wDCwaxyVLfXJ3dCdbDaJYbhiPU8avfDPMdbYXq6AzkfQPdBVcaXY26
Feo3ENOEzy1CrybLnoMlxwMpCXDuPIWN4F62r21mk5x9OBV9BrZes2WiLHIZeAm9
AxqhLEnRt93UaCuzcu6vxhysQUAFxH/nASDIEdu3UgVjzTAlOTbdvX8ilXelMAhN
ZlI1sgvPKkK8pKwSKXfnaDdN3f/TyHHlMe5oLsvzkSm04dOxlg7B1b6CApCP60lG
eFJEIGq5fhDF4kCDZjXaIG01iA==
-----END CERTIFICATE-----
Generated at Thu Dec 8 06:49:47 2022 by rpki-client.